package com.qfedu.edu.filter;

import com.qfedu.edu.context.Context;
import com.qfedu.edu.enum1.ResponseCode;
import com.qfedu.edu.result.R;
import com.qfedu.edu.utils.HttpResponseUtils;
import org.framework.edu.service.JwtService;
import org.framework.edu.service.TokenService;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.util.StringUtils;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

public class MyAuthenticationFilter extends BasicAuthenticationFilter {

    private AuthenticationManager authenticationManager;
    private TokenService tokenService;
    private JwtService jwtService;
    public MyAuthenticationFilter(AuthenticationManager authenticationManager,TokenService tokenService,JwtService jwtService) {
        super(authenticationManager);
        this.authenticationManager=authenticationManager;
        this.tokenService=tokenService;
        this.jwtService=jwtService;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        String token = request.getHeader("token");
        if(StringUtils.isEmpty(token)){
            R error = R.error(ResponseCode.AUTH_EXCEPTION);
            HttpResponseUtils.sendResponse(response, error);
            return;
        }
        boolean verifyToken = tokenService.verifyToken(token);
        if(!verifyToken){
            R error = R.error(ResponseCode.AUTH_EXCEPTION);
            HttpResponseUtils.sendResponse(response, error);
            return;
        }

        String username = jwtService.getUsername(token);
        String userId = jwtService.getUserIdByToken(token);

        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken=null;
        List<String> roleAndPermList  = Context.getRoleAndPerm().get(token);
        if(roleAndPermList!=null&&roleAndPermList.size()>0){
            List<SimpleGrantedAuthority> lists = new ArrayList<>();
            for (int i = 0; i < roleAndPermList.size(); i++) {
                String roleAndPerm = roleAndPermList.get(i);
                SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(roleAndPerm);
                lists.add(simpleGrantedAuthority);
            }
            usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userId, username, lists);
        }else {
            usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userId, username, new ArrayList<SimpleGrantedAuthority>());
        }

        SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);

        chain.doFilter(request, response);
    }
}
